Lucene search

2286 matches found

CVE
added 2019/11/08 2:25 p.m. | 48 views

CVE-2013-1820

CVE-2013-1820 concerns the tuned daemon (tuned before 2.x) where insecure permissions on tuned’s ktune service allow local users to kill running processes. Multiple sources (NVD entry, Debian/Ubuntu advisories, Red Hat/Nessus plugins) confirm the vulnerability stems from improper access control o...

CVSS 5.5 | AI score 5.3 | EPSS 0.00376
Exploits: 0 | References: 3 | Affected Software: 1
Exploit DB
added 2019/11/05 12:0 a.m. | 196 views

macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()

On macOS, when a new mount point is created, the kernel uses checkdirs to, as a comment above the function explains: "Scan all active processes to see if any of them have a current or root directory onto which the new filesystem has just been mounted. If so, replace them with the new mount point....

AI score 7.4
Exploits: 0
BDU FSTEC
added 2019/10/29 12:0 a.m. | 3 views

The vulnerability of the ihevcd_parse_sps function (ihevcd_parse_headers.c) in the Android operating system allows a hacker to cause a system failure for critical system processes.

The vulnerability of the ihevcd_parse_sps function (ihevcd_parse_headers.c) in the Android operating system is related to an infinite loop being entered. Exploiting this vulnerability could allow a malicious actor to cause a critical system process to fail remotely...

CVSS 7.8 | AI score 5.5 | EPSS 0.0173
Exploits: 0 | References: 2 | Affected Software: 1
CNVD
added 2019/10/21 12:0 a.m. | 1 views

Video_Converter app denial of service vulnerability

Nextcloud is an open source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. The VideoConverter app is a video file format converter. A denial of service vulnerability exists in VideoConverter app version 0.1.0 for Nextcloud, which...

CVSS 7.7 | AI score 6.8 | EPSS 0.01388
Exploits: 1 | References: 1
Prion
added 2019/10/19 2:15 p.m. | 10 views

Design/Logic Flaw

The VideoConverter app 0.1.0 for Nextcloud allows denial of service (CPU and memory consumption) via multiple concurrent conversions because many FFmpeg processes may be running at once. The workload is not queued for serial execution...

CVSS 6.8 | AI score 7.5 | EPSS 0.01388
Exploits: 1 | References: 1 | Affected Software: 1
The Hacker News
added 2019/10/18 6:53 p.m. | 95 views

Microsoft to Reward Hackers for Finding Bugs in Open Source Election Software

Fair elections are the lifelines of democracy, but in recent years election hacking has become a hot topic worldwide. Whether it's American voting machines during the 2016 presidential election or India's EVMs during 2014 general elections, the integrity, transparency, and security of electronic...

AI score 0.5
Exploits: 0
RedhatCVE
added 2019/10/10 11:50 a.m. | 23 views

CVE-2019-3805

A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root...

CVSS 5.5 | AI score 5.3 | EPSS 0.0019
Exploits: 0 | References: 3
Symantec
added 2019/10/09 12:0 a.m. | 33 views

Juniper Junos CVE-2019-0060 Denial of Service Vulnerability

Description Juniper Junos is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a process crash, denying service to legitimate users. The following versions of Juniper Junos are affected: Juniper Junos 15.1X49 versions prior to 15.1X49-D171, 15.1X49-D180 are...

AI score 0.9 | EPSS 0.01348
Exploits: 0 | References: 2 | Affected Software: 1
Malwarebytes
added 2019/10/02 7:20 p.m. | 183 views

How security orchestration improves detection and response

Working together in perfect harmony like the wind and percussion sections of a symphony orchestra requires both rigorous practice and a skilled conductor. Wouldn’t it be great if our cybersecurity solutions did the same to better protect organizations? The methods and tools used to accomplish thi...

AI score 6.8
Exploits: 0
Citrix
added 2019/09/26 12:0 a.m. | 6 views

Processes, Logs And Configuration Files Participating in Citrix ADM High Availability

The following processes participate in Citrix ADM HA operations: /usr/local/bin/python /mps/mashbmonit.py This process is run by both nodes. It is responsible for sending and receiving heartbeats and healthchecks. By default, it uses UDP port 5005. The configuration file for this process...

AI score 7
Exploits: 0
Symantec
added 2019/09/24 12:0 a.m. | 325 views

Apple Safari APPLE-SA-2019-9-26-9 Multiple security Vulnerabilities

Description: Apple Safari is prone to multiple security vulnerabilities. An attacker may exploit these issues to carry out phishing-style attacks or to obtain sensitive information that may aid in further attacks. Technologies Affected: Apple Safari 1.0.0 Apple Safari 1.0.0 Apple Safari...

AI score 0.1
Exploits: 0 | References: 3 | Affected Software: 2
NVD
added 2019/09/19 2:15 p.m. | 8 views

CVE-2019-3689

In the nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If...

CVSS 10 | AI score 7.2 | EPSS 0.01499
Exploits: 0 | References: 6
OSV
added 2019/09/19 2:15 p.m. | 1 views

UBUNTU-CVE-2019-3689

In the nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2, the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If...

CVSS 9.8 | AI score 5.8 | EPSS 0.01499
Exploits: 0 | References: 3
RedHat Linux
added 2019/09/12 12:25 p.m. | 2 views

kernel: ppc: unrelated processes being able to read/write to each other's virtual memory

A flaw was found in the way the Linux kernel's memory subsystem on certain 64-bit PowerPCs with the hash page table MMU handled memory above 512TB. A local, unprivileged user could use this flaw to escalate their privileges on the system...

CVSS 7 | AI score 7.1 | EPSS 0.00386
Exploits: 0 | References: 5
Kitploit
added 2019/09/11 8:30 p.m. | 115 views

Grapl - Graph Platform For Detection And Response

Grapl is a Graph Platform for Detection and Response. For a more in depth overview of Grapl, read this. In short, Grapl will take raw logs, convert them into graphs, and merge those graphs into a Master Graph. It will then orchestrate the execution of your attack signatures and provide tools for...

AI score 7.7
Exploits: 0 | References: 8
Cvelist
added 2019/09/10 4:58 p.m. | 22 views

CVE-2019-1549 Fork Protection

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However, this protection was not being used in the default case. A...

AI score 5.1 | EPSS 0.06232
Exploits: 0 | References: 15
UbuntuCve
added 2019/09/04 12:0 a.m. | 28 views

CVE-2019-11741

A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these site...

CVSS 6.1 | AI score 6.6 | EPSS 0.00587
Exploits: 0 | References: 3
NVD
added 2019/08/29 12:15 a.m. | 17 views

CVE-2019-10724

There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher privilege. The following are affected products and versions: Legion Y520TZ370 6.0.1.8642, AIO310-20IAP 6.0.1.8642, AIO510-22ISH 6.0.1.8642...

CVSS 6.8 | AI score 6.5 | EPSS 0.01218
Exploits: 0 | References: 2
Cisco
added 2019/08/28 4:0 p.m. | 114 views

Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability

A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that over time can deplete system memory. When there is no syst...

CVSS 7.7 | AI score 0.8 | EPSS 0.01515
Exploits: 0 | References: 1
Veracode
added 2019/08/20 12:10 a.m. | 26 views

Information Disclosure

PHP is vulnerable to information disclosure. It has dumpable FPM child processes which allow bypassing opcache access controls because fpm_unix.c calls PR_SET_DUMPABLE prctl...

CVSS 4.7 | AI score 2.4 | EPSS 0.00831
Exploits: 0 | References: 14 | Affected Software: 1